Apache VirtualHost 设置 1 个 IP 地址上的多个服务器,每个域都有 SSL

【问题标题】:Apache VirtualHost settings for multiple servers on 1 IP address with multiple domains with SSL for each domainApache VirtualHost 设置 1 个 IP 地址上的多个服务器,每个域都有 SSL
【发布时间】:2021-10-04 08:42:48
【问题描述】:

如何配置我的 apache 设置以在 1 个 IP 地址上为 3 台物理服务器提供服务,并且在每台服务器上都存在多个使用 SSL 的域。我的每台服务器都有多域 SSL 证书。

我是否需要对每个物理服务器上的每个 httpd 文件使用相同的设置?

如何配置我的路由器进行端口转发?

我目前的配置如下。如果我的设置中的任何错误能够引起我的注意并建议如何正确操作,我将不胜感激。

Server1 httpd:

<Directory />
    AllowOverride all
    Require all granted
</Directory>

###  SERVER1 host  ###
<VirtualHost *:80>
    DocumentRoot D:/public_html
    ServerName server1domain1.org
</VirtualHost>

####################################

#### server1domain1.org VirtualHost ####
            
<VirtualHost 192.168.1.9:80>
DocumentRoot "D:/public_html/server1domain1.org"
ServerName server1domain1.org
ServerAlias www.server1domain1.org
<Directory "D:/public_html/server1domain1.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server1domain1.org.err"
CustomLog "D:/server/apache/logs/server1domain1.org.log" combined
</VirtualHost>

####################################

#### SSL server1domain1.org VirtualHost ####
            
<VirtualHost 192.168.1.9:443>
DocumentRoot "D:/public_html/server1domain1.org"
ServerName server1domain1.org
ServerAlias www.server1domain1.org
<Directory "D:/public_html/server1domain1.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server1domain1.org.err"
CustomLog "D:/server/apache/logs/server1domain1.org.log" combined
  SSLEngine on
SSLCertificateFile "D:/server/apache/conf/server1domain1.crt"
SSLCertificateKeyFile "D:/server/apache/conf/server1domain1.key"
SSLCertificateChainFile "D:/server/apache/conf/server1domain1-ca_bundle.crt"
</VirtualHost>

####################################

#### server1domain2.org VirtualHost ####
            
<VirtualHost 192.168.1.9:80>
DocumentRoot "D:/public_html/server1domain2.org"
ServerName server1domain2.org
ServerAlias server1domain2.org
<Directory "D:/public_html/server1domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server1domain2.org.err"
CustomLog "D:/server/apache/logs/server1domain2.org.log" combined
</VirtualHost>

####################################

#### SSL server1domain2.org VirtualHost ####
            
<VirtualHost 192.168.1.9:443>
DocumentRoot "D:/public_html/server1domain2.org"
ServerName server1domain2.org
ServerAlias server1domain2.org
<Directory "D:/public_html/server1domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server1domain2.org.err"
CustomLog "D:/server/apache/logs/server1domain2.org.log" combined
  SSLEngine on
SSLCertificateFile "D:/server/apache/conf/server1domain2.crt"
SSLCertificateKeyFile "D:/server/apache/conf/server1domain2.key"
SSLCertificateChainFile "D:/server/apache/conf/server1domain2-ca_bundle.crt"
</VirtualHost>

***

Server2 httpd


<Directory />
    AllowOverride all
    Require all granted
</Directory>


###  SERVER2 host  ###
<VirtualHost server2domain1.com:8081>
    DocumentRoot D:/public_html
    ServerName server2domain1.com
</VirtualHost>

####################################

#### server2domain1.com VirtualHost ####
            

<VirtualHost 192.168.1.5:8081>
DocumentRoot "D:/public_html/server2domain1.com"
ServerName server2domain1.com
ServerAlias www.server2domain1.com
<Directory "D:/public_html/server2domain1.com">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server2domain1.com.err"
CustomLog "D:/server/apache/logs/server2domain1.com.log" combined
</VirtualHost>

####################################

#### SSL server2domain2.com VirtualHost ####
            

<VirtualHost 192.168.1.5:444>
DocumentRoot "D:/public_html/server2domain1.com"
ServerName server2domain1.com
ServerAlias www.server2domain1.com
<Directory "D:/public_html/server2domain1.com">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server2domain1.com.err"
CustomLog "D:/server/apache/logs/server2domain1.com.log" combined
SSLEngine on
SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/server/apache/conf/ssl_crt/server2domain1-multi-certificate.crt"
SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/server2domain1-multi-ca_bundle.crt"
SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/server2domain1-multi-private.key"
</VirtualHost>

####################################

#### server2domain2.org VirtualHost ####
            

<VirtualHost 192.168.1.5:8081>
DocumentRoot "D:/public_html/server2domain2.org"
ServerName server2domain2.org
ServerAlias www.server2domain2.org
<Directory "D:/public_html/server2domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server2domain2.org.err"
CustomLog "D:/server/apache/logs/server2domain2.org.log" combined
</VirtualHost>

####################################

#### SSL server2domain2.org VirtualHost ####
            

<VirtualHost 192.168.1.5:444>
DocumentRoot "D:/public_html/server2domain2.org"
ServerName server2domain2.org
ServerAlias www.server2domain2.org
<Directory "D:/public_html/server2domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server2domain2.org.err"
CustomLog "D:/server/apache/logs/server2domain2.org.log" combined
SSLEngine on
SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/server/apache/conf/ssl_crt/server2domain2-multi-certificate.crt"
SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/server2domain2-multi-ca_bundle.crt"
SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/server2domain2-multi-private.key"
</VirtualHost>

***

Server3 httpd

<Directory />
    AllowOverride all
    Require all granted
</Directory>

###  SERVER3 host  ###
<VirtualHost 192.168.1.8:8080>
    DocumentRoot D:/public_html
    ServerName server3domain1.com
</VirtualHost>

####################################

#### server3domain1.com VirtualHost ####
            

<VirtualHost 192.168.1.8:8080>
DocumentRoot "D:/public_html/server3domain1.com"
ServerName server3domain1.com
ServerAlias www.server3domain1.com
<Directory "D:/public_html/server3domain1.com">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server3domain1.com.err"
CustomLog "D:/server/apache/logs/server3domain1.com.log" combined
</VirtualHost>

####################################

#### SSL server3domain1.com VirtualHost ####
            

<VirtualHost 192.168.1.8:445>
DocumentRoot "D:/public_html/server3domain1.com"
ServerName server3domain1.com
ServerAlias www.server3domain1.com
<Directory "D:/public_html/server3domain1.com">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server3domain1.com.err"
CustomLog "D:/server/apache/logs/server3domain1.com.log" combined
SSLEngine on
SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/server/apache/conf/ssl_crt/server3domain1-multi-certificate.crt"
SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/server3domain1-multi-ca_bundle.crt"
SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/server3domain1-multi-private.key"
</VirtualHost>

####################################

#### server3domain2.org VirtualHost ####
            

<VirtualHost 192.168.1.8:8080>
DocumentRoot "D:/public_html/server3domain2.org"
ServerName server3domain2.org
ServerAlias www.server3domain2.org
<Directory "D:/public_html/server3domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server3domain2.org.err"
CustomLog "D:/server/apache/logs/server3domain2.org.log" combined
</VirtualHost>

####################################

#### SSL server3domain2.org VirtualHost ####
            

<VirtualHost 192.168.1.8:445>
DocumentRoot "D:/public_html/server3domain2.org"
ServerName server3domain2.org
ServerAlias www.server3domain2.org
<Directory "D:/public_html/server3domain2.org">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "D:/server/apache/logs/server3domain2.org.err"
CustomLog "D:/server/apache/logs/server3domain2.org.log" combined
SSLEngine on
SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/server/apache/conf/ssl_crt/server3domain2-multi-certificate.crt"
SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/server3domain2-multi-ca_bundle.crt"
SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/server3domain2-multi-private.key"
</VirtualHost>

####################################

【问题讨论】:

    标签: apache ssl virtualhost


    【解决方案1】:

    在进行了广泛的研究并了解到我需要创建一个反向代理服务器 (FREEDOM.LOCAL) 之后,我聘请了一位服务器专家为我进行设置。在我的反向代理服务器上的httpd文件中添加“监听8080”后,他对反向代理服务器上的vhosts.conf文件所做的更改如下:

    # Redirect to https
<VirtualHost 192.168.1.8:80>
  ServerName freedom.local
  ServerAlias *
  RewriteEngine On
  RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
  
  <Location /phpmyadmin>
    Require all denied
  </Location>
</VirtualHost>

# reverse proxy to TRUTH server
<VirtualHost 192.168.1.8:443>
  ServerName domain1.com
  ServerAlias www.domain1.com domain1.org www.domain1.org domain2.com www.domain2.com domain2.org www.domain2.org

  SSLEngine on
  SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile "D:/server/apache/conf/ssl_crt/domain1-multi-certificate.crt"
  SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/domain1-multi-ca_bundle.crt"
  SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/domain1-multi-private.key"
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  Protocols h2 http/1.1

  ProxyPreserveHost On
  ProxyPass / http://192.168.1.11:80/
  ProxyPassReverse / http://192.168.1.11:80/
  
  <Location /phpmyadmin>
    Require all denied
  </Location>
</VirtualHost>

# reverse proxy to PROSPERITY server
<VirtualHost 192.168.1.8:443>
  ServerName domain3.network
  ServerAlias www.domain3.social domain3.media www.domain3.media domain3.news www.domain3.news domain3.network www.domain3.network mail.domain3.network domain4.org www.domain4.org domain5.com www.domain5.com

  SSLEngine on
  SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile "D:/server/apache/conf/ssl_crt/domain3-multi.crt"
  SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/domain3-multi-ca_bundle.crt"
  SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/domain3-multi.key"
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  Protocols h2 http/1.1

  ProxyPreserveHost On
  ProxyPass / http://192.168.1.13:80/
  ProxyPassReverse / http://192.168.1.13:80/
  
  <Location /phpmyadmin>
    Require all denied
  </Location>
</VirtualHost>

# reverse proxy to PASSION server
<VirtualHost 192.168.1.8:443>
  ServerName domain8.org
  ServerAlias www.domain8.org domain6.org www.domain6.org domain7.org www.domain7.org

  SSLEngine on
  SSLCipherSuite ALL:!ADD:!EXPORT56:RC4+RSA:+HIGD:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile "D:/server/apache/conf/ssl_crt/multi-domain6.crt"
  SSLCertificateChainFile "D:/server/apache/conf/ssl_crt/multi-domain6-ca_bundle.crt"
  SSLCertificateKeyFile "D:/server/apache/conf/ssl_key/multi-domain6.key"
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  Protocols h2 http/1.1

  ProxyPreserveHost On
  ProxyPass / http://192.168.1.9:80/
  ProxyPassReverse / http://192.168.1.9:80/
  
  <Location /phpmyadmin>
    Require all denied
  </Location>
</VirtualHost>

####################################

## PhpMyAdmin

<VirtualHost 192.168.1.8:8080>
    DocumentRoot "D:/public_html"
    ServerName freedom.local
    ServerAlias *
    <Directory "D:/public_html">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

    这是其中一台从服务器 (PASSION.LOCAL) vhosts.conf 文件的内容:

    <Directory />
    AllowOverride all
    Require all granted
</Directory>

###  PASSION host  ###

<VirtualHost 192.168.1.9:80>
    DocumentRoot "D:/public_html/domain8.org"
    ServerName domain8.org
    ServerAlias www.domain8.org
    <Directory "D:/public_html/domain8.org">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog "D:/server/apache/logs/domain8.org.err"
    CustomLog "D:/server/apache/logs/domain8.org.log" combined
    <IfModule mod_env.c>
        SetEnv HTTPS on
    </IfModule>
</VirtualHost>

<VirtualHost 192.168.1.9:80>
    DocumentRoot "D:/public_html/domain6.org"
    ServerName domain6.org
    ServerAlias www.domain6.org
    <Directory "D:/public_html/domain6.org">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog "D:/server/apache/logs/domain6.org.err"
    CustomLog "D:/server/apache/logs/domain6.org.log" combined
    <IfModule mod_env.c>
        SetEnv HTTPS on
    </IfModule>
</VirtualHost>

<VirtualHost 192.168.1.9:80>
    DocumentRoot "D:/public_html/domain7.org"
    ServerName domain7.org
    ServerAlias www.domain7.org
    <Directory "D:/public_html/domain7.org">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog "D:/server/apache/logs/domain7.org.err"
    CustomLog "D:/server/apache/logs/domain7.org.log" combined
    <IfModule mod_env.c>
        SetEnv HTTPS on
    </IfModule>
</VirtualHost>


####################################

## PhpMyAdmin

<VirtualHost 192.168.1.9:80>
    DocumentRoot "D:/public_html"
    ServerName passion.local
    ServerAlias *
    <Directory "D:/public_html">
        Options FollowSymLinks ExecCGI
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

    【讨论】:

      猜你喜欢
      • 2011-08-17
      • 1970-01-01
      • 2015-10-12
      • 2013-01-10
      • 2013-08-01
      • 2012-11-30
      • 2011-10-17
      • 1970-01-01
      • 2017-06-03
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode